PulseAugur
EN
LIVE 13:25:52

Claude Code subagents bypass parent tool restrictions, posing security risk

A security vulnerability has been identified in Claude Code where subagents spawned through the Agent tool do not inherit the parent agent's disallowed tools. This means a tool explicitly blocked by the parent agent can still be executed by the subagent, potentially leading to unintended data modification, credential breaches, or inaccurate audit trails. Developers are advised to explicitly configure tool permissions for each subagent rather than relying on inherited deny lists and to implement external guardrails for critical operations. AI

IMPACT Potential for unintended data loss or security breaches due to inherited permission failures in AI agent workflows.

RANK_REASON Identifies a specific functional limitation and potential security flaw in a particular feature of an AI product.

Read on dev.to — Claude Code tag →

AI-generated summary · Google Gemini · from 1 sources. How we write summaries →

Claude Code subagents bypass parent tool restrictions, posing security risk

COVERAGE [1]

  1. dev.to — Claude Code tag TIER_1 English(EN) · TerminalBlog ·

    Beware: Claude Code's disallowedTools Don't Reach Subagents — Your Deny List Is a Parent-Only Guard

    <p>You lock down your agent. You write a <code>permissions.deny</code> list, or you restrict the allowed toolset, and you trust that the boundary holds everywhere the agent runs. A freshly filed, reproducible GitHub issue says otherwise for one important case: <strong>subagents y…